War Drums Beat Louder For 'World War C'

A report by cyber security firm FireEye says cyber warfare expanding. The U.S. leads the charge in this virtual battlefield.

If the lingo of cyber security experts, zombie warfare might that be that far fetched after all.

Call it "World War C", and it playing right now at a nation near you. It is quiet, mostly invisible and oddly as safe as it is dangerous.

The 'C' in this war zone stands for cyberspace, and industry experts have been warning about it for the last five years. The war drums are beating louder. Once limited to cybercrime stealing credit card numbers, cyber attacks are becoming a key weapon for governments seeking to defend national sovereignty, project national power or spy on both friend and foe alike, as was brought to light by former National Security Agency contractor Edward Snowden revealed. The United States uses its soft cyber powers to tap into the computer systems of friendly nations in the E.U. and Brazil.

From strategic cyber espionage campaigns, such as Moonlight Maze and Titan Rain, to the destructive, such as military cyber strikes on Georgia and Iran, human and international conflicts are entering a new phase in their long histories. In this shadowy battlefield, victories are fought with bits instead of bullets, malware instead of militias, and botnets instead of bombs.

"Cyber warfare isn't necessarily part of a wider war. Sometimes it is just to collect data that is not easily accomplished by a military drone," said Eugene Kaspersky, head of Moscow-based Kaspersky Lab.

Kaspersky said the war drums are beating louder.

"A cyber attacks are being used more and more for military purposes," he said. Kaspersky became famous for being part of the team that discovered the Stuxnet worm in 2010. The worm targeted Siemens industrial control systems used at Iran nuclear power plants and is believed to have been the brainchild of the U.S. and Israeli defense departments.

A cyber attack is best understood not as an end in itself, but as a potentially powerful means to a wide variety of political, military, and economic goals.

“Serious cyber attacks are unlikely to be motiveless,” Martin Libicki, Senior Scientist at RAND Corp. said in a report released this month by cyber security firm FireEye. “Countries carry them out to achieve certain ends, which tend to reflect their broader strategic goals. The relationship between the means chosen and their goals will look rational and reasonable to them if not necessarily to us.”

Just as each country has a unique political system, state-sponsored attacks also have distinctive characteristics, which include everything from motivation to target to type of attack.

World War C is a FireEye creation. They noted in their 22 page report that their out-of-this-world war scenario is hard to fully describe. There are very little physical casualties involved. For the general public, collateral damage is unheard of so far.

Cyber war has been compared to special operations forces, submarine warfare, targeted missile strikes, and assassins. But some say it could be as bad as a nuclear weapons, Pearl Harbor, 9/11 or a natural disaster.

FireEye's zombie analogy is not new. Often, any compromised computer, if it is actively under the surreptitious control of a cybercriminal, is called a zombie, and botnets are sometimes called zombie armies. Also, compared to stockpiling tanks and artillery, writing cyber attack code, and compromising thousands if not millions of computers, is easy. Moreover, malware often spreads with the exponential growth of an infectious disease.

The analytical waters surrounding cyber warfare are inherently murky, write FireEye analysts in their report. At the strategic level, governments desire to have a degree of plausible deniability. At the tactical level, military and intelligence organizations envelop such operations in layers of classification and secrecy. To be effective, information operations rely on deception—and the Internet offers an ideal venue for a spy’s smoke and mirrors.

Virtual Drum Beats

FireEye researchers said they have even seen one nation-state develop and use a sophisticated Trojan, and later -- after its own counter-Trojan defenses were in place -- actually sold it to cyber criminals on the black market. Thus, some cyber attack campaigns may bear the hallmarks of both state and non-state actors, making positive attribution almost impossible. And finally, “false flag” cyber operations involve a hacker group behaving like another to mislead cyber defense researchers at places like Kaspersky Lab and FireEye.

As for crystal balls: no one knows what the next cyber attack will look like. But considering recent trends, industry experts are coming up with a few educated guesses.

Here are five factors that could change the world’s cyber security landscape in the near- to medium-term, verbatim from the FireEye report:

1. Outage of national critical infrastructure: cyber attacks can disrupt government networks, but most current cases simply do not rise to the level of a national security threat. Stuxnet -- and Iran’s alleged retaliation against Saudi Aramco -- has shifted the thinking on cyber war from theory to reality. But have we seen the limit of what cyber attacks can achieve, or could cyber criminals threaten public safety by downing a power grid or financial market?

2. Cyber arms treaty: if world leaders begin to view cyber attacks as more of a liability than an opportunity, they may join a cyber arms control regime or sign a non-aggression pact for cyberspace. However, arms control requires the ability to inspect for a prohibited item. President Reagan’s favorite Russian proverb was доверяй, но проверяй, or “trust but verify.” Given that a single USB stick can now hold billions of bits of information, verifying would be easier said than done.

3. PRISM, freedom of speech, and privacy: the modern Internet era is still quite young and the conversation on cyber crime and more sophisticated cyber espionage and defense put in place by governments has just begun. It encompasses Daniel Ellsberg, Chelsea Manning, and Edward Snowden, as well as the Declaration of Independence, Enigma, and The Onion Router (TOR). Today, politicians, NSA agents, and hacktivists are all aware of a critical debate on the horizon.

4. New actors on the cyber stage: the revolutionary nature of computers and the amplification power of networks are not exclusive to the world’s largest nations. Iran, Syria, North Korea, and even non-state actors such as Anonymous have employed cyber attacks as a way to conduct diplomacy and wage war by other means. Researchers have little reason to think that other governments are not active in this domain. Possible candidates could be:

a. Poland: it was the Poles who first broke the German Enigma cipher—way back in 1932. Today, with programming talent and well-known rivalry with Russia, it is a possibility.

b. Brazil: Home to some of the world’s most prolific cyber criminals, will Brazil’s government, be angry about recent revelations of U.S. cyber spying, harness this talent for geopolitical ends?

c. Taiwan: with constant cyber attacks emanating from China, Taipei may have little choice but to react.

5. Stronger focus on evasive tactics: some nation-states know how to launch stealthy cyber attacks. But as the discipline of cyber defense matures, and as public awareness of the World War C phenomenon grows, some “noisy” cyber attackers such as China may be forced to raise their game by trying to fly under the radar.

Analysts believe that the U.S. has conducted the most highly engineered cyber attacks to date, including Stuxnet, 74 Duqu, Flame, and Gauss, according to the Laboratory of Cryptography and System Security in Budapest, known as CrySys.

While cyber attacks are relatively a new phenomenon, they represent a growing national security challenge, said FireEye.

As part of a broader effort to mitigate the threat, President Obama signed a directive this year that the U.S. should aid allies who come under foreign cyber attack.

I've spent 20 years as a reporter for the best in the business, including as a Brazil-based staffer for WSJ. Since 2011, I focus on business and investing in the big emerging markets exclusively for Forbes.